Open Source Mac Virtualization Software

This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). To contact the developers, please send email to msfdev@metasploit.com

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. This project is part of the ITSEC GAMES project. You can find more about the ITSEC GAMES and bWAPP projects on our blog. For security-testing and educational purposes only! Cheers Malik Mesellem

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo

CacheGuard-OS, amongst other functions, embeds a Web Gateway allowing you to have control over what type of Web content is allowed in your organization, by whom and when. The Web Gateway works as a transparent or explicit Web proxy and blocks malware and other unwanted contents such as ads or adult websites at gateway even in an encrypted format (HTTPS). In addition, its caching capability allows you to cache bandwidth-intensive traffic such as YouTube or Windows updates in order to save your bandwidth. CacheGuard Web Gateway is distributed as an open source OS called CacheGuard-OS that you can install on a virtual or hardware machine of your choice. Once installed on a machine, CacheGuard-OS transforms that machine into a network appliance. In addition to the Web Gateway, CacheGuard-OS includes multitude of other services such as VPN, WAF and WAN optimization. CacheGuard products are especially designed to address SME requirements by providing functional solutions.

raw2vmdk is an OS independent Java utility that allows you to mount raw disk images, like images created by "dd", using VMware, VirtualBox or any other virtualization platform supporting the VMDK disk format.

The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation.

OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

Similar to the de-ice pentest CDs and pWnOS, Holynix is an Linux vmware image that was deliberately built to have security holes for the purposes of penetration testing. Visit http://pynstrom.com/forum/ for help setting up or completing the challenge.

WPE aims to help the beginners Web Penetration Testing to develop their skills * Web pentesting Enviromint :-: user:"ahmad.ninja" pass:"hacking15.org" 1. Environment to simulate the real live app (webs & mobile) but it focused on "web app". 2. This is the half of our project the other one will be on YouTube as "Video Tutorials" Which aim to help you to start your Pentesting career or develop it 3. The videos will be in English but articles will be written in Arabic 4. For instant support ask me @ahmaddotninja 5. Why didn`t I setup tools ? because you should learn how to install any tool on any platform ** Installation steps :-: 1- WPE is virtual Machine so you will need VM software we recommended Oracle VM VirtualBox Get it from here https://www.virtualbox.org/wiki/Downloads 2- uncompressed WPE.7z 3- after you install VirtualBox go to the menu bar select Machine > add 4- Browse to WPE folder select WPE.vbox // we use only OpenSource or Free software

Isolated Execution is a software reference implementation of the security through isolation concept. It brings a contained environment where malware can run without affecting the whole system.

The SXMD (" like Security-X MultiDistribution ") use syslinux, grub4dos and others bootloaders to recover a crashed boot or run many GNU / Linux utilities. The first category is "Antivirus" with editors like Antivir, AVG, Comodo, DrWeb, FSecure, Kaspersky, Panda, VBA ... The second is composed by GNU/Linux's Distro: DSL, CorePlus (+Qemu Starter), Slacko, Slax Custom, Slitaz & XPuD ... After, you can find very good Recovery and Partitioning tools : Redo Backup, Parted Magic, MiniTool Partition Wizard, Paragon, PING, OSF and ActiveBootDisk ... SXMD also gathering a XP PE : Hiren'sBoot with DOS tools ("ubcd"), a Portable Suite and many boot priorities or possibilities. Size : +/- 3Gb Available : USB / DVD version ("coming soon") WebSite : http://www.security-x.fr/tools/SXMD ("under construct")

VDE2 OpenMoko Tunnel is a Python/GTK visual interface created for OpenMoko Freerunner. It is intended to build virtual ethernet tunnels to remote VDE switches. This program is released under the GPL v2 as part of the Virtualsquare project.

VNEC is a tool to perform automated network experiments in a virtual environment.

Vsam (Vulnerabillity, Scanning, Analysis and Management) is a project dedicated to the release of a virtual appliance for the management and analysis of vulnerability scan data. The main goals are ease of use and stability of the application.

THIS IS NOT WHONIX'S HOMEPAGE. Please go to: https://www.whonix.org/ (This is only Whonix's sourceforge must-have project page.) Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. Whonix is produced independently of, and carries no guarantee from, The Tor Project. For download: https://www.whonix.org/wiki/Download

A pre configured virtual machine for automatically running DBAN with PXE.

WARNING: Project moved to http://github.com/plashchynski/viewssld viewssld is a free and open source non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort and other Network Intrusion Detection Systems (IDS).

OmniEdge is an Open source p2p layer 2 , zero-config mesh VPN infrastructure, a traditional VPN, AWS VPC, Ngrok, DDNS alternative. No central server, easy to scale with less maintenance. What happens in intranet, stays in in intranet.